[PM-11162] Assign To Collections Permission Update (#11367)

Only users with Manage/Edit permissions will be allowed to Assign To Collections. If the user has Can Edit Except Password the collections dropdown will be disabled. --------- Co-authored-by: Matt Bishop <mbishop@bitwarden.com> Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
2025-12-06 00:13:28 +00:00 · 2025-02-04 15:44:59 -05:00
parent 1b3bc71e50
commit 327aed9763
15 changed files with 143 additions and 142 deletions
--- a/apps/web/src/app/vault/components/vault-items/vault-items.component.ts
+++ b/apps/web/src/app/vault/components/vault-items/vault-items.component.ts
@@ -236,6 +236,13 @@ export class VaultItemsComponent {
    return (organization.canEditAllCiphers && this.viewingOrgVault) || cipher.edit;
  }

+  protected canAssignCollections(cipher: CipherView) {
+    const organization = this.allOrganizations.find((o) => o.id === cipher.organizationId);
+    return (
+      (organization?.canEditAllCiphers && this.viewingOrgVault) || cipher.canAssignToCollections
+    );
+  }
+
  protected canManageCollection(cipher: CipherView) {
    // If the cipher is not part of an organization (personal item), user can manage it
    if (cipher.organizationId == null) {
@@ -461,7 +468,7 @@ export class VaultItemsComponent {
  private allCiphersHaveEditAccess(): boolean {
    return this.selection.selected
      .filter(({ cipher }) => cipher)
-      .every(({ cipher }) => cipher?.edit);
+      .every(({ cipher }) => cipher?.edit && cipher?.viewPassword);
  }

  private getUniqueOrganizationIds(): Set<string> {